package com.tx.admin.config;

import java.util.List;

import javax.annotation.PostConstruct;

import org.apache.catalina.security.SecurityUtil;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.mgt.RememberMeManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.session.SessionListener;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.Cookie;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.ImportResource;
import org.springframework.data.redis.core.RedisTemplate;

import com.tx.admin.util.common.RedisUtil;
import com.tx.admin.util.web.SessionUtil;

/**
 * 权限配置文件
 * @ClassName: ShiroConfiguration
 * @author fuce
 * @date 2018年8月25日
 *
 */
@Configuration
@ImportResource(locations={"classpath:mykaptcha.xml"}) 
public class ShiroConfig {
	
	@Autowired
	private SecurityManager securityManager;
	
	@Autowired
	private RedisTemplate<Object, Object> redisTemplate ;
	

	 @PostConstruct
	 private void initStaticSecurityManager() {
	     SessionUtil.setSecurityManager(securityManager);
	     RedisUtil.setRedisTemplate(redisTemplate);
	   
	 }

	    

//	这是shiro的大管家，相当于mybatis里的SqlSessionFactoryBean
	@Bean
	public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager) {
		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		shiroFilterFactoryBean.setSecurityManager(securityManager);
	/*	shiroFilterFactoryBean.setFilters(filters);
	
    	 shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
         */
		return shiroFilterFactoryBean;
	}
//  web应用管理配置
	@Bean
	public DefaultWebSecurityManager securityManager(
			Realm shiroRealm,
			CacheManager cacheManager,
			RememberMeManager manager,
			SessionManager sessionManager
			) {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setCacheManager(cacheManager);
		securityManager.setRememberMeManager(manager);//记住Cookie
		securityManager.setRealm(shiroRealm);
		securityManager.setSessionManager(sessionManager);
		return securityManager;
	}
	
    @Bean(name = "sessionManager")
    public DefaultWebSessionManager sessionManager(List<SessionListener> listeners) {
        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();
        //redisTemplate默认采用的其实是valueSerializer，就算是采用其他ops也一样，这是一个坑。
        //这个name的作用也不大，只是有特色的cookie的名称。
        sessionManager.setDeleteInvalidSessions(true);
        sessionManager.setSessionListeners(listeners);
        SimpleCookie cookie = new SimpleCookie();
        cookie.setName("session_id");
        sessionManager.setSessionIdCookie(cookie);
        sessionManager.setSessionIdCookieEnabled(true);
        return sessionManager;
    }


//	记住我的配置
	@Bean
	public RememberMeManager rememberMeManager() {
		Cookie cookie = new SimpleCookie("rememberMe");
        cookie.setHttpOnly(true);//通过js脚本将无法读取到cookie信息
        cookie.setMaxAge(60 * 60 * 24);//cookie保存一天
		CookieRememberMeManager manager=new CookieRememberMeManager();
		manager.setCookie(cookie);
		return manager;
	}
//  缓存配置
	@Bean
	public CacheManager cacheManager() {
		MemoryConstrainedCacheManager cacheManager=new MemoryConstrainedCacheManager();//使用内存缓存
		return cacheManager;
	}

	
/**
     * 启用shiro注解
     *加入注解的使用，不加入这个注解不生效
     */
    @Bean
    public AuthorizationAttributeSourceAdvisor getAuthorizationAttributeSourceAdvisor(org.apache.shiro.mgt.SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
    
  

}